Coverage

Requirements coverage IEC-62443-3-3 Supplier KASPERSKY

Requeriments Capacities Services/Solutions Coverage
SR 1.1 - Identification and authentication of human users Basic user access control
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Full coverage
Kaspersky Industrial CyberSecurity for Nodes Full coverage
Kaspersky Industrial CyberSecurity for Network Full coverage
SR 1.1 - RE (1) Identification and unique authentication Access control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Full coverage
SR 1.1 - RE (2) Multiple factor authentication for untrusted networks Multi-factor user access control
KICS - Kaspersky Industrial Cybersecurity Full coverage
SR 1.2 - RE (1) identification and unique authentication Access control policy, Role-based access
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Full coverage
SR 1.3 - Account Management Access control policy, Role-based access, Account management
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
SR 1.3 RE (1) Unified Account Management Single Sign On
SR 1.4 - identification management Access control policy, Role-based access, Account management
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
SR 1.5 - Authentication management Access control policy, Basic user access control, Multi-factor user access control
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 1.5 RE (1) Security hardware to identify credentials through software processes Hardware Security Keys
SR 1.6 - Wireless Access Management WI-FI control, Network communications control, Physical security in the installation of devices, Account management
KICS - Kaspersky Industrial Cybersecurity Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 1.6 RE (1) Unique identifier and authenticator Access control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Full coverage
SR 1.7 - Strength of password-based authentication Detection of use of default passwords, Account management
KICS - Kaspersky Industrial Cybersecurity Partial coverage
SR 1.7 RE (1) Password generation and lifetime restrictions for human users Access control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Full coverage
SR 1.7 RE (2) Restrictions on password lifetime for all users Access control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Full coverage
SR 1.8 - Public Key Infrastructure Certificates PKI infrastructure, Certificate use policy
SR 1.9 - Strong authentication based on public key Multi-factor user access control, Certificate use policy
KICS - Kaspersky Industrial Cybersecurity Partial coverage
SR 1.9 RE (1) Security hardware to authenticate public keys PKI infrastructure
SR 1.10 - Authenticator Feedback User access control with hidden display, Access control policy
KICS - Kaspersky Industrial Cybersecurity Partial coverage
Kaspersky Security Center Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
SR 1.11 - Failed login attempts Industrial DPI for anomaly detection, Account management, Inspect endpoint logs, Industrial network event log (forensic analysis)
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 1.12 - System usage notifications Account management, Inspect endpoint logs, Industrial network event log (forensic analysis)
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 1.13 - Access through non-secure networks Network event correlation analysis, Multi-factor user access control, Network communications control, Industrial network event log (forensic analysis), Network communication visualization
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 1.13 RE (1) Explicit access approval request Access control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Full coverage
SR 1.1 - RE (3) Multiple authentication factor for all networks Role-based access
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Full coverage
Kaspersky Industrial CyberSecurity for Nodes Full coverage
SR 2.1 - Authorization application Detection of use of default passwords, Account management
KICS - Kaspersky Industrial Cybersecurity Partial coverage
SR 2.1 RE (1) Authorization application for all users Use control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Full coverage
SR 2.1 RE (2) Mapping permissions to roles Role-based access, Use control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Full coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
SR 2.1 RE (3) Anular supervisor Use control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Full coverage
SR 2.1 RE (4) Double Approval Use control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Full coverage
SR 2.2 - Wireless usage control WI-FI control, Network communications control, Network integrity control, Network communication visualization
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 2.2 RE (1) Identify and report unauthorized wireless devices Security log
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Full coverage
SR 2.3 - Usage control for portable and mobile devices Role-based access, Network event correlation analysis, Network communications control, Equipment use control, Use control policy, Network communication visualization
KICS - Kaspersky Industrial Cybersecurity Partial coverage
Kaspersky Security Center Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 2.3 RE (1) Application of the security status of portable and mobile devices Reporting of events and communication to responsible parties
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Full coverage
SR 2.4 - Mobile code Role-based access, Software usage control, Use control policy, Upgrade testing support
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
SR 2.4 RE (1) Mobile code integrity check Verification of integrity of software and hardware code
SR 2.5 - Session Lock Account management, Use control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Partial coverage
SR 2.6 - Remote session termination Account management, Use control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Partial coverage
SR 2.7 - Control of concurrent sessions Account management, Use control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Partial coverage
SR 2.8 - Auditable events Whitelist in prevention mode, Activity log policy, Industrial network event log (forensic analysis), Security log, Incident response support
KICS - Kaspersky Industrial Cybersecurity Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 2.8 RE (1) Audit tracks of systems with centralized management SIEM integration
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Full coverage
Kaspersky Industrial CyberSecurity for Nodes Full coverage
Kaspersky Industrial CyberSecurity for Network Full coverage
SR 2.9 - Audit storage capacity Equipment protection diagnostics, Centralized management of security policies, Incident response support
KICS - Kaspersky Industrial Cybersecurity Partial coverage
Kaspersky Security Center Partial coverage
SR 2.9 RE (1) Warn when capacity threshold has been reached in audit logs Activity log policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
SR 2.10 - Respond to failures in the audit process Network event correlation analysis, SIEM integration, Activity log policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 2.11 - Timestamps Equipment protection diagnostics, Industrial network event log (forensic analysis), Security log, Reporting of events and communication to responsible parties
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 2.11 RE (1) Internal time synchronization Activity log policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
SR 2.11 RE (2) Protection in the integrity of the time source Activity log policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
SR 2.12 - No repudiation Network event correlation analysis, Equipment protection diagnostics, Centralized management of security policies, Inspect endpoint logs, Industrial network event log (forensic analysis)
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 2.12 RE (1) Non-repudiation for all users Activity log policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
SR 3.1 - Integrity in communications Network event correlation analysis, WI-FI control, Network communications control, Advanced detection of anomalies in the IP layer, Network communication visualization
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 3.1 RE (1) Use cryptography to protect integrity Network integrity control
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Network Full coverage
SR 3.2 - Protection against malicious code Reliable updates, Host-based firewall, Whitelist in prevention mode, Notify only protection mode, Upgrade testing support, Verify PLC integrity
KICS - Kaspersky Industrial Cybersecurity Partial coverage
Kaspersky Security Center Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
SR 3.2 RE (1) Protection against malicious code at entry and exit points Advanced antimalware
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Full coverage
SR 3.2 RE (2) Centralized management for protection against malicious code Centralized management of security policies
KICS - Kaspersky Industrial Cybersecurity Full coverage
SR 3.3 - Verification of security functionalities Reliable updates, Certification of the main ICS providers, Cybersecurity assessment
KICS - Kaspersky Industrial Cybersecurity Partial coverage
Kaspersky Security Center Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
SR 3.3 RE (1) Automatic mechanisms to verify security functionalities Centralized management of security policies
KICS - Kaspersky Industrial Cybersecurity Full coverage
SR 3.3 RE (2) Verification of safety functionalities during normal operation Use control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Full coverage
SR 3.4 - Software and information integrity Reliable updates, White list in discovery mode, Access control policy, File integrity monitoring, Verification of integrity of software and hardware code
KICS - Kaspersky Industrial Cybersecurity Partial coverage
Kaspersky Security Center Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 3.4 RE (1) Automatic notifications on integrity violations Centralized management of security policies
KICS - Kaspersky Industrial Cybersecurity Full coverage
SR 3.5 - Validation of entries Network event correlation analysis, Host-based firewall, Industrial DPI for anomaly detection, Whitelist in prevention mode, Advanced process control rules
KICS - Kaspersky Industrial Cybersecurity Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 3.6 - Deterministic Outputs Software usage control, Industrial DPI for anomaly detection, Advanced process control rules
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 3.7 - Error handling Industrial DPI for anomaly detection, Detect attacks on industrial networks (signature-based) , Centralized management of security policies, Inspect endpoint logs, Activity log policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 3.8 - Session integrity Network communications control, Industrial DPI for anomaly detection, Detect attacks on industrial networks (signature-based) , Industrial network event log (forensic analysis)
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Full coverage
SR 3.8 RE (1) Invalidate session IDs once the session was terminated Activity log policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
SR 3.8 RE (2) Generation of unique session IDs Activity log policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
SR 3.8 RE (3) Randomness of session IDs Activity log policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
SR 3.9 - Protection of audit information Network event correlation analysis, Centralized management of security policies, Activity log policy, Incident response support
KICS - Kaspersky Industrial Cybersecurity Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 3.9 RE (1) Audit records in single write media Role-based access, SIEM integration
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Full coverage
Kaspersky Industrial CyberSecurity for Nodes Full coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 4.1 - Confidentiality of information Account management, Access control policy, Data Protection
KICS - Kaspersky Industrial Cybersecurity Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
SR 4.1 RE (1) Protection of the confidentiality of information hosted or in transit through unreliable networks Use control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Full coverage
SR 4.1 RE (2) Protection of confidentiality across zone boundaries Use control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Full coverage
SR 4.2 - Persistence of information Use control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Full coverage
SR 4.2 RE (1) Purge shared memory resources Data Protection
SR 4.3 - Use of cryptography Multi-factor user access control, Network communications control, Use control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 5.1 - Network Segmentation WI-FI control, Network communications control, Network integrity control, Industrial network event log (forensic analysis), Network communication visualization
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 5.1 RE (1) Physical network segmentation Secure network design
SR 5.1 RE (2) Independence of networks without control systems Secure network design
SR 5.1 RE (3) Logical and physical isolation of critical networks Secure network design
SR 5.2 - Zone boundary protection WI-FI control, Network communications control, Network integrity control, Industrial network event log (forensic analysis), Network communication visualization
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 5.2 RE (1) Deny by default, allow by exception Secure network design
SR 5.2 RE (2) Island mode Secure network design
SR 5.2 RE (3) Closure on failure Secure network design
SR 5.3 - Restriction on person-to-person communications for general purposes WI-FI control, Network communications control, Industrial DPI for anomaly detection, Industrial network event log (forensic analysis), Network communication visualization
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 5.3 RE (1) Prohibit all general purpose person-to-person communications Secure network design
SR 5.4 - Application Partitioning WI-FI control, Network communications control, Secure network design
KICS - Kaspersky Industrial Cybersecurity Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 6.1 - Audit accessibility to logs Equipment protection diagnostics, Industrial network event log (forensic analysis), Security log, Reporting of events and communication to responsible parties
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 6.1 RE (1) Scheduled access to audit logs SIEM integration
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Full coverage
Kaspersky Industrial CyberSecurity for Nodes Full coverage
Kaspersky Industrial CyberSecurity for Network Full coverage
SR 6.2 - Continuous monitoring Industrial DPI for anomaly detection, Detect attacks on industrial networks (signature-based) , White list in discovery mode, Industrial network event log (forensic analysis), File integrity monitoring, Network communication visualization
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 7.1 - Denial of Service Protection Network event correlation analysis, Industrial network event log (forensic analysis), Reporting of events and communication to responsible parties
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 7.1 RE (1) Manage communication load Network communications control
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Industrial CyberSecurity for Nodes Full coverage
Kaspersky Industrial CyberSecurity for Network Full coverage
SR 7.1 RE (2) Limit the effects of a denial of service to other systems or networks Use control policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Full coverage
SR 7.2 - Resource Management Network communications control, Equipment use control, Device control, Monitor USB access, Use control policy, Advanced process control rules, Verify PLC integrity
KICS - Kaspersky Industrial Cybersecurity Partial coverage
Kaspersky Security Center Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 7.3 - System backup control Backup system
SR 7.3 RE (1) Backup verification Backup Policy
SR 7.3 RE (2) Backup automation Backup Policy
SR 7.4 - Restoration and reconstitution of the control system Backup Policy, Backup system
SR 7.5 - Emergency power Physical security in the installation of devices, Redundancy system
Kaspersky Security Center Partial coverage
SR 7.6 - Network settings and security configurations Network event correlation analysis, Network communications control, Network integrity control, Equipment use control, Network communication visualization
KICS - Kaspersky Industrial Cybersecurity Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 7.6 RE (1) Machine readable current security settings reports Activity log policy
KICS - Kaspersky Industrial Cybersecurity Full coverage
SR 7.7 - Less functionalities WI-FI control, Network communications control, Equipment use control, Software usage control, Device control, Whitelist in prevention mode
KICS - Kaspersky Industrial Cybersecurity Partial coverage
Kaspersky Industrial CyberSecurity for Nodes Partial coverage
Kaspersky Industrial CyberSecurity for Network Partial coverage
SR 7.8 - Inventory of control system components Hardware and software inventory
KICS - Kaspersky Industrial Cybersecurity Full coverage
Kaspersky Security Center Full coverage
Kaspersky Industrial CyberSecurity for Nodes Full coverage